3.5 Antidotes to behavioural issues
To conclude this review of the matters that need examining in an audit of risk management systems have a look at this list of recommendations for controlling (and hopefully containing) the potential adverse impact of behavioural issues.
- Learning from history.
- Reporting incidents.
- Incentives – for example, personal objectives regarding ethics and compliance, or rewards to whistle-blowers who identify frauds. These are common in the US with the whistle-blower receiving a proportion of any fine subsequently handed down.
- Incentive system designed to remove conflicts (e.g. production rate v. quality rate, sales targets v. bribery).
- Not doing risk reviews in a group but in independent one-to-one sessions.
- Reviews and assurance conducted by third parties (and without notice).
- UK government approach to horizon scanning and risk assessment (futures toolkit).